Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years

Cybersecurity researchers at Palo Alto Networks' Unit 42 say Chinese APT Phantom Taurus breached Microsoft Exchange servers for years using a backdoor to spy on diplomats and defense data...

Hack of US Surveillance Provider RemoteCOM Exposes Court Data

A massive data breach at RemoteCOM exposed 14,000 personal files and police contacts from the SCOUT software. Learn what this aggressive spyware records, and the high risks for all involved parties...

US Auto Insurance Platform ClaimPix Leaked 10.7TB of Records Online

Cybersecurity researcher Jeremiah Fowler discovered a massive 10.7TB ClaimPix leak exposing 5.1M customer files, vehicle data, and Power of Attorney documents. Read the full details...

Microsoft Flags AI Phishing Attack Hiding in SVG Files

Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards...

Tips for Merging Large PDF Files Online

As more businesses rely on digital documents today, effective large file management has also become necessary. PDFs are…...

Dutch Teens Arrested Over Alleged Spying for Pro-Russian Hackers

Dutch authorities arrest two teens recruited by pro-Russian hackers for spying missions. Learn how Russia is using disposable agents for sabotage across Europe...

Harrods Data Breach: 430,000 Customer Records Stolen Via Third-Party Attack

Luxury retailer Harrods confirms 430,000 customer records names, contacts were stolen from a third-party provider in the latest UK retail cyberattack wave...

DarkCloud Infostealer Relaunched to Grab Credentials, Crypto and Contacts

eSentire TRU analyses the new DarkCloud V4.2 infostealer, rewritten in VB6. Find out how the malware steals browser data, crypto, and contacts via targeted phishing...

Accelerate Crypto Success: Why a Canadian Crypto License Is Your Launchpad to Growth

As the digital asset market matures and regulators worldwide work to set clear standards, one fact has become…...

ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution

Singapore, Singapore, 29th September 2025, CyberNewsWire...

Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M

Medusa ransomware group claims 834 GB data theft from Comcast, demanding $1.2M ransom while sharing screenshots and file listings...

Hackers Use Fake Invoices to Spread XWorm RAT via Office Files

Hackers are sending fake invoice emails with malicious Office files that install the XWorm RAT on Windows systems, allowing full remote access and data theft. Learn how the shellcode and process injection are used to steal data, and how to stay safe from this persistent threat...

Google Ads Used to Spread Trojan Disguised as TradingView Premium

Bitdefender warns that the TradingView Premium ad scam now targets Google ads and YouTube, hijacking verified channels to spread spyware...

Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner

FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer data theft and PureMiner cryptojacking to Windows PCs...

Archer Health Data Leak Exposes 23GB of Medical Records

California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online...

Living Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human Risk

Austin / TX, United States, 25th September 2025, CyberNewsWire...

Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer

New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam...

ForcedLeak Flaw in Salesforce Agentforce AI Agent Exposed CRM Data

Cybersecurity firm Noma Security reveals ForcedLeak, a critical flaw in Salesforce Agentforce that allowed data theft. Learn what companies need to do now to secure AI agents...

Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems

Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability CVE-2025-10035 in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover...

China-Linked Hackers Hit US Tech Firms with BRICKSTORM Malware

China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google's Mandiant reports...

Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes

Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire...

PSF Warns of Fake PyPI Login Site Stealing User Credentials

The Python Software Foundation PSF warns developers of phishing emails leading to a fake PyPI login site designed to steal account credentials...

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers...

UK Arrest Made After Cyberattack Disrupts Major European Airports

UK police arrest man over cyberattack on Collins Aerospace that disrupted check-in at Heathrow, Berlin, Brussels and other airports...

Cloudflare Blocks Record 22.2 Tbps DDoS Attack

Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential...

FBI Warns of Fake IC3 Websites Designed to Steal Personal Data

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips...

Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation

Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover...

Defy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of Directors

Pittsburg, United States, 23rd September 2025, CyberNewsWire...

Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries

New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data...

SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist

Austin, Texas, USA, 23rd September 2025, CyberNewsWire...

Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office

The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General's office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens...

How Major SOCs Achieve Early Threat Detection in 3 Steps

Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building…...

Jeep and Dodge Parent Company Stellantis Confirms Customer Data Breach

Stellantis, parent of Jeep, Chrysler, Dodge and FIAT, confirms data breach through third-party vendor. Contact info exposed, financial data not affected...

Bitcoin continues to increase its institutional popularity

Not long ago, the mere idea that cryptocurrencies could ever be integrated into mainstream finance would have seemed…...

Fake Ukrainian Police Emails Spread New CountLoader Malware Loader

A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker...

AI Forensics Help Europol Track 51 Children in Global Online Abuse Case

Europol and 18 countries used AI forensics to identify 51 child victims and 60 suspects in a global online abuse investigation...

ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent

Radware researchers revealed a service-side flaw in OpenAI's ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed...

MI6 Opens Dark Web Portal “Silent Courier” for Russians to Share Secrets

The UK's spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security...

Cyberattack Disrupts Airport Check-In Systems Across Europe

Cyberattack on Collins Aerospace check-in system disrupts major European airports, causing flight delays and cancellations across hubs...

Chinese Network Selling Thousands of Fake US and Canadian IDs

New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime...

BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports

New York, New York, 19th September 2025, CyberNewsWire...

WatchGuard Issues Fix for 9.3-Rated Firebox Firewall Vulnerability

WatchGuard has issued a critical security alert for its Firebox firewalls due to a serious vulnerability, CVE-2025-9242. Learn what this 'out-of-bounds write' flaw means, which Fireware OS versions are affected, and the urgent steps to take to protect your network from remote attacks...

How Enterprise SEO Solutions Improve Brand Authority

Now, especially in a very competitive environment, it is essential to make your name shine. Enterprise SEO solutions…...

Two UK Teenagers Charged Over TfL Hack Linked to Scattered Spider

Two UK teens have been charged in connection with the TfL hack, as investigators link them to Scattered Spider cyberattacks and data breaches...

Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks

Palo Alto, California, 18th September 2025, CyberNewsWire...

Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer

Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware...

Shifting Tides: Investors Pivot Toward Altcoins Amid Bitcoin Slowdown

In the current cycle, Bitcoin has anchored most of the capital inflow. In 2025, 66% of investors selected…...

Vane Viper Malvertising Network Posed as Legit Adtech in Global Scams

Infoblox links Vane Viper to PropellerAds, exposing a global malvertising network posing as adtech while spreading malware and running online scams...

New Raven Stealer Malware Hits Browsers for Passwords and Payment Data

New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it's a growing risk for everyday users...

Can Codeless Testing Tools Detect Common Security Vulnerabilities?

Learn what Codeless Testing Tools are and how effective they are in detecting common security vulnerabilities, along with understanding their strengths and limitations...